Posts tagged with "security"

Airplane illustration by Heather Skovlund for 360 Magazine

THE FUTURE OF TRAVEL PLANNING

By: Andrew Shibuya

As the world has remained in their homes this past year and a half, traveling abroad seems to be the light at the end of a very long tunnel for many. While globetrotters stayed home bound and planned their trips for the second restrictions lifted, the travel industry underwent a rapid and drastic transformation. As such, many experts claim that travel – and particularly global travel  – will be forever changed.

In the midst of the pandemic and the ubiquitous desire to be anywhere but home, travel destinations have begun to accommodate traveler’s concerns in the face of the virus. In some cases, it was changing the distance between tables in a restaurant or limiting the capacity of occupants in a hotel. In other cases, however, the only changes were claims of improvements or safer accommodations. While many hotels and restaurants truly began taking necessary precautions, some did not adapt – despite claiming to.

And such, in the age of the internet and modernity’s obsession with bureaucracy, innumerable COVID safety certificates – some valid, and some pure and simple money grabs – were born. Resultantly, the great saturation of these valuable assurances ultimately renders them to be valueless. For even the avid travelers and eagle-eyed among us, such certifications will likely prove to be a nuisance at best, and a health concern at worst.

In the travel industry, the remaining agencies have sought various solutions to this issue of verifying credibility. What happens when someone who is particularly at risk for COVID is infected by the virus at a supposedly safe hotel? Why even take these risks at all?

This past week, 360 Magazine attended an event with several travel experts who discussed this very issue and presented potential solutions. Though the situation is troubling and promises to only get worse, experts are beginning to craft plans and act against this rubber-stamping.

Terrence Suero of Buffalo-based travel agency Toca Travel has a promising and apt response to this new strain of scammers. While he is confident that the world will never return to its pre-pandemic state, Suero understands that travel is an essential part of many people’s lives. Even now, just months after the commencement of vaccine distribution, Americans have started to travel. While most are now staying within United States’ borders, some are wandering to more distant corners of the globe.

But, every new strain and ensuing restriction springs new doubts and trouble for the average traveler. And for travel agents, their work has only gotten more difficult–not only in the face of these conditions, but also regarding the endless onslaught of dubious safety certifications. To this end, Suero has started Safe Travel Pathways – a new endeavor that he hopes will eradicate, or at the very least assuage, travelers’ health concerns related to COVID.

Safe Travel Pathways at its core is an open-source directory of vetted hospitality companies. The company hopes to begin its directory abroad in Costa Rica, and if successful, to gradually expand globally. Behind Safe Travel Pathways is Suero’s ethos as a travel agent: to treat travelers as adults. His aim is simply to provide helpful and accurate information, with the goal being that travelers can make their own informed decisions.

The main criteria for Safe Travel Pathways’ approval includes adherence to internationally accepted health standards, a third-party audit system that can determine the provided level of safety and strict governance. Safe Travel Pathways uses a grading system from one to five that considers various accreditations, verified safety precautions, and guidelines to evaluate companies. The idea behind this system evinces once more Suero’s desire to allow travelers to choose their own itinerary in light of the safety information provided. While certain places may receive lower scores than others, Suero acknowledges that some people are more comfortable than others regarding COVID safety precautions.

However, Suero has more than just coronavirus in mind. His future offerings likely will include restaurants and other accommodations that have been vetted for specific allergens and other necessary health considerations. Suero was careful to note that most travel agents are not health specialists. With these future additions, he hopes to assuage as many health concerns as possible, for both travel agents and travelers. Such other future additions may highlight businesses that are accessible, sustainable, or accommodating for similar travel concerns.

Safe Travel Pathway’s test run is starting soon in Costa Rica to gain a greater understanding of its capability and viability as an international travel database. Suero hopes to soon expand into Europe and South America with the help of travel bureaus, which validate businesses on a local level. The database is free and accessible to all, with certain features limited to travel agents or agencies.

As the world reopens, much is still left unclear. With each new strain and constantly shifting guidelines, creating travel plans can be unnecessarily convoluted and stressful. Though the world may never return to “normal,” tools like Safe Travel Pathways can hopefully move us in the right direction.

 

illustration bv Samantha Miduri for use by 360 Magazine

Android Apps

When a developer leaves a mistake in application code, it can create a security vulnerability that criminals may exploit. 

According to the data presented by the Atlas VPN team, 63% of Android applications had known security vulnerabilities in Q1 2021, with an average of 39 vulnerabilities per app. 

Gaming apps had the most vulnerabilities out of all Android app categories. A whopping

96% of top free games apps were found to contain vulnerable components. Additionally, 94% of top-grossing games apps and 80% of top paid games apps also had vulnerabilities. 

Despite the fact that financial apps require some of the most personally sensitive data, vulnerabilities were also discovered in 88% of banking apps, 84% of budgeting apps, and 80% of payment apps. 

Education apps have the most high-level vulnerabilities 

Not all vulnerabilities are equal. While some may just be minor issues that do not pose any active threat to the user, other vulnerabilities can cause serious repercussions. Let’s delve deeper into the different types of Android security vulnerabilities registered since 2018. 

Education apps had the highest number of exploitable Android vulnerabilities with possible fixes as of the first quarter of 2021 43%. Meanwhile, apps in the top games category had the biggest number of exploitable Android vulnerabilities with no available fixes 6%. 

Overall, 44% of the Android app vulnerabilities were classified as high-risk, meaning they represented a tangible threat. 

Ruth Cizynski, the cybersecurity researcher and writer at Atlas VPN, shares her thoughts on the situation: 

“Given that the Google Play store applications have been downloaded millions of times, it is safe to say they pose significant security risks to Android users. ”

To read the full article, click here.

By Mina Tocalini for 360 MAGAZINE

Data Privacy Core Principles

No one likes being watched, offline or on. And it is especially unnerving when a brand oversteps that boundary and pops up everywhere you go online.

Invisibly is on a mission to ensure companies have your direct consent for using your data and compensate you for the use of it. Invisibly believes in Seven Core Data Privacy Principles that can change the way companies acquire and use personal data. You can control who sees your data, where and when.

But what are these principles, and why should you care about them? These principles represent the spirit of data collection, are the basis of The Data Protection Act, the California Consumer Privacy Act, and shaped the European Union’s GDPR. The foundation of data privacy in the current digital world, Invisibly believes everyone should know the principles as we move towards a people-centered data economy.

  • Lawfulness, fairness, and transparency

People should always know what data is being collected, by whom, and why. Furthermore, your data should never be used against you- as in tracking your internet browsing secretly to sell you a product later.

  • Purpose limitation

Your data should only be used in the way it was intended. Your data shouldn’t be collected for research purposes, and then turned around for marketing.

  • Data minimization

Only relevant data should be collected. A company should not collect all possible data on you- your mother’s maiden name, first pet, and favourite teacher does not apply for a survey on what type of coffee you use.

  • Accuracy (holding)

Your data should be updated on a regular basis. Outdated data does no one any good- you or the company who wants it.

  • Storage limitation

Data should not be kept forever! Your data should only be kept for as long as necessary, and not reused.

  • Integrity and confidentiality (security)

Companies should always keep your data safe. This prevents bad actors from accessing it and keeps it safe from any cybersecurity breaches. You should never have to worry if your information is at risk.

  • Accountability

Companies must show that they are taking reasonable action to meet these principles.

More information on Fox 26 and CBS.

Green Car by Mina Tocalini for 360 Magazine

Concentric Q×A

In the current age of digital technology, car owners are being forced to consider their vehicle’s susceptibility to ransomware attacks. These malicious cyber-attacks can expose your personal data to online hackers. However, there are certain measures that car owners can take to help prevent security breaches. Proactive car owners are utilizing services like Concentric to safeguard their technology and online identity. 360 Magazine spoke with Laura Hoffner, Chief of Staff at Concentric, and Sam Connour, Concentric Intern, about how to best practice car system security.

What steps can proactive car owners take to protect their vehicles from security threats and hackers?

First, understand that all digital property can be hacked.

Second, as a result, be conscious of what personal technology you connect to or tether with. Understand that if you connect your phone to your car via Bluetooth, someone hacking into your car will then result in vulnerability to your phone (and everything else connected to your phone such as your home Wi-Fi, addresses, credit cards.)

Third, ensure your vehicle’s software is up today. Car makers, like Tesla and Jeep, are known to push out patches for these potential holes hackers can access. Keeping your vehicle up to date will aid in that effort.

Finally, protect that vulnerability by being aware of the modifications you’re making to your vehicle’s software. Don’t let unknown devices connect to your car, and be wary of who has physical access to your vehicle

What makes a car susceptible to ransomware attacks?

Cars are now equal [in terms of susceptibility] to computers as a result of their connectivity capabilities both to the internet and to Bluetooth. If a car is connected to an insecure and unprotected internet connection, hackers are capable of installing malware into a vehicle’s operating or infotainment systems.

What models of cars are the most likely to encounter hacking/privacy issues?

Cars with self-driving capabilities, or features such as lane assist or automatic braking, are particularly at risk. But practically any vehicle made in the past 20 years can be hacked. Generally, vehicles [from] 2007 or newer run a higher risk of personal information being compromised. Car makers, with a warning from the FBI, are taking steps to beef up cybersecurity within their vehicles.

Should customers be weary of certain car brands when buying technology systems for their vehicles? How can consumers find quality retailers with safe car products?

Rather than it being a concern about specific car brands, consumers should instead educate themselves on the risk associated with these vulnerabilities and take proper protocol to mitigate those risks.

Can Concentric offer any services for car owners looking to safeguard their vehicles?

Concentric offers holistic security solutions for our clients. Included in that is a residential risk assessment that can identify specific concerns and vulnerabilities. This is where personal risk associated with property would be assessed, [as well as] physical and behavioral recommendations.

How did your experience as a Naval Intelligence Officer and in the Naval Reserves translate into your current role at Concentric?

Understanding the threat landscape both nationally and internationally– as well as the acknowledgement that we make both micro and macro decisions about risk daily– ultimately prepared me to understand the corporate security landscape. Holistically viewing a problem set and identifying creative solutions are [at] the core of Naval Intelligence, thus it wasn’t a large leap to bring that mindset over with me from the government side.

As Concentrics’ Chief of Staff, what is your best advice regarding car related security?

Car-related security advice is the same as all other security advice we have: educate yourself, your family, and your team to know what risk decisions you are making that have vast implications across your security vulnerability spectrum. Additionally, security is not something to think about when you’re in a crisis. Avoid or better prepare yourself for the crisis beforehand by taking steps to vastly reduce, or eliminate, your vulnerabilities to exploitation.

Heather Skovlund computer illustration for use by 360 Magazine

Global Commitment to Cybersecurity

According to a recent study by the Atlas VPN team, the United States, United Kingdom, and Saudi Arabia lead in commitment to cybersecurity.

As technologies continue to evolve, governments around the world must face the reality of cyber threats and adapt their security practices. A study reports on countries’ scores on the Global Cybersecurity Index (GCI), varying cybersecurity training and practices, and additional statistics which help to create a fuller picture of the global relationship to cybersecurity.

A GCI score is given by evaluating each country’s commitment to legal, technical, organizational, capacity development, and cooperation indicators. The United States earned a perfect score of 100, getting all 20 points in each GCI indicator. However, while the US has the most cybersecurity resources, the latest cyberattacks on Americans have shown room for improvement.

The United Kingdom follows behind, scoring 99.54 points in GCI. The score indicates that the UK has to employ more computer incident response teams, enabling a country to respond to incidents at the national level using a centralized contact point and promote quick and systematic action.

Saudi Arabia shares second place, getting the same score of 99.54 as the UK. While being one of the fastest developing countries, Saudi Arabia has placed great importance on cybersecurity.

Estonia takes the fourth slot as they scored 99.48, losing just half a point in the capacity development indicator. Estonia has become one of the heavyweights in cybersecurity with a high-functioning central system for monitoring, reporting, and resolving incidents.

The Republic of Korea, Singapore, and Spain all share fifth place, scoring 98.52 points. 

Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on the current cybersecurity landscape, “Beyond co-operating within countries, Global Cybersecurity Index leaders could help less developed countries address cybersecurity challenges. For example, creating a strategy or sharing good cyber practices can help reach more balanced and robust security against cyber threats.”

Lack of cybersecurity training 

One of the reasons why cyber attacks continue to increase is a lack of cybersecurity education and training.

Just 46% of countries provided specific cybersecurity training for the public sector and government officials. Employees in these fields usually work with a lot of sensitive or confidential information, which is why education on cybersecurity is essential. 

Meanwhile, 41% of countries provided cybersecurity training to small and medium enterprises or private companies. Businesses often become targets for hackers as the latter can easily profit off of stolen data or ransomware attacks. While more prominent private companies can afford cybersecurity experts, smaller businesses do not have such luxury.

Law enforcement agents received educational cybersecurity programs in only 37% of countries, while only 31% of countries provide training to judicial and legal actors. This training may help officers and executors of the law understand how hackers think, identify the tools that hackers use to commit attacks, and ultimately prevent and protect from future cybercrime.

Beyond co-operating within countries, Global Cybersecurity Index leaders could help less developed countries address cybersecurity challenges. Creating a strategy or sharing good cyber practices can help reach more balanced and robust security against cyber threats.

Graph via BeyondTrust.com for Atlas VPN for use by 360 Magazine

In 2020 Number of Vulnerabilities in Microsoft Products Exceeded 1,000 for the First Time

Microsoft products are used by billions of people worldwide. Historically, however, they are known to have many vulnerabilities that pose security risks to users of the software.

According to data presented by the Atlas VPN team, the total number of vulnerabilities in Microsoft products reached 1,268 in 2020—an increase of 181% in five years. Windows was the most vulnerability-ridden Microsoft product. It had a total of 907 issues, of which 132 were critical. However, Windows Server had the largest number of critical issues. In 2020, 902 vulnerabilities were detected in Windows Server, of which 138 were critical.

Issues were also found in other Microsoft products, such as Microsoft Edge and Internet Explorer. Together, these browsers had 92 vulnerabilities in 2020. In total, 61 or even 66% of these vulnerabilities were of critical level. Meanwhile, Microsoft Office had 79 vulnerabilities, 5 of which were critical. 

Ruth Cizynski, the cybersecurity researcher and author at Atlas VPN, shares her thoughts on the situation :

 “These numbers are a massive problem because every Microsoft product has millions of users. Therefore, it is important that consumers update their software applications on time. Software updates can include security patches that can fix vulnerabilities and save users from getting hacked.”

Elevation of privilege is the most common Microsoft vulnerability

A wide range of vulnerabilities was discovered in various Microsoft products last year.  However, some types of vulnerabilities were more common than others. Elevation of privilege was the most frequently detected issue in Microsoft products. It was discovered 559 times and made up 44% of all Microsoft vulnerabilities in 2020.

Next up is remote code execution. In total, 345 such vulnerabilities were found last year, putting it in second place on the list. Remote code execution accounted for 27% of the total number of Microsoft vulnerabilities in 2020.

Information disclosure occupies the third spot on the list. There were 179 such issues discovered in 2020. Together, they made up 14% of all Microsoft vulnerabilities that year.

To learn more, click HERE.

Graph via Sophos for Atlas VPN for use by 360 Magazine

India, Austria, and US Most Hit with Ransomware

Ransomware attacks are one of the leading cyber threats that organizations have to face.

According to the data presented by the Atlas VPN team, organizations in India, Austria, and the United States are among the most hit with ransomware attacks. To compare, more than 50% of companies in the mentioned countries experienced such attacks in the past year, while the global average is 37%.

Out of 300 interviewees from India, 68% suffered from a ransomware attack. At the same time, 57 out of 100 respondents from Austria experienced a ransomware attack in the last year. Next up, in the United States, 51% of participants, out of 500 questioned, reported that they were hit with a ransomware attack.

Retail and Education Sectors Suffer the Most Ransomware Attacks

Some organizations in specific sectors are more susceptible to hacker attacks due to their lower security levels or valuable data. However, cybercriminals do not shy away from attacking even the biggest companies or government administrations.

Out of 435 respondents in the retail industry, 44% were hit with a ransomware attack last year. Hackers strike retailers when it could hurt them the most, for example, on Black Friday or Christmas seasons.

Retailers share first place with education organizations—out of 499 education interviewees 44% experienced such malicious attacks. Cybercriminals usually deploy ransomware attacks at the start of a school year to cause maximum disruption.

The business and professional services industry suffered the third most ransomware attacks, with a total of 42% out of 361 respondents stating they experienced a ransomware attack in the past year. Companies in this industry are usually smaller with less staff, meaning they might not have a dedicated person to ensure security. Out of 117 participants in the Central government and non-departmental public body (NDPB) sector, 40% reported being attacked with ransomware in the last year.

Conclusion

Cybersecurity writer and researcher at Atlas VPN Anton Petrov shares his advice on how to protect your organization against ransomware attacks.

“Prepare a plan in case you… get hacked. Always have a backup of your data so you don’t have to pay a ransom. Investing in cybersecurity will cost you less than having to deal with the aftermath of a ransomware attack.”

Like with everything else, there’s a way to protect your data in order to make sure hackers don’t get to it and cause serious financial damage.

Tech Illustration by Rita Azar for use by 360 Magazine

Most Cybercrime by State

According to Atlas VPN analysis, the top 10 US states by losses to cybercrime are California, New York, Texas, Florida, Ohio, Illinois, Missouri, Pennsylvania, Virginia, and Colorado.

Last year, citizens in these states lost $2.39 billion to various types of internet crime. In the earliest reporting period – 2013, losses reached $327.89 million. Meaning, accumulated monetary damages in these states jumped by 629% over an eight-year period.

The data is compiled from the last eight annual Internet Crime Reports published by the Federal Bureau of Investigation (FBI). The FBI shares data provided by victims from all over the country to alert US citizens to the ever-increasing rates of internet crime.

To no surprise, California experienced the largest damages in 2020. Californians lost over $621 million in 2020 and a staggering $2.55 billion since 2013.  

The average annual loss growth (AAGR) of cybercrime damages reaches 33% in sunny California. On a similar note, financial losses jumped by 491% when comparing 2013 to 2020.

The second place goes to the largest city in the US – New York. Here, people lost nearly $416 million in 2020. The total losses from cybercrime amount to $1.15 billion, counting from 2013.

The average annual growth rate of losses to cybercrime exceeds that of California and stands at 50%. In 2013, New Yorkers lost $38 million to internet crime, which means that in the eight-year span, damages grew by 993%.

Texas takes third place, with close to $314 million in capital loss last year. Through the last eight years, fraudsters swindled over $1.01 billion from unsuspecting citizens.

Texans lost $56 million in 2013. Meaning, cybercrime damages in Texas jumped by 455% from 2013 to 2020. Here, AAGR stands at 30%, which is the lowest of the top 10 states.

Fourth is Florida, with $295 million in losses to various types of internet crime. From 2013 until 2020, citizens in Florida lost a whopping $1.16 billion of their hard-earned money.

To read the full article, head over to: https://atlasvpn.com/blog/an-analysis-of-the-top-10-most-cybercrime-ridden-states

Rita Azar illustrates a video game article for 360 MAGAZINE

Video Games x Standardized Testing

Standardized testing in schools is one of the most hotly contested subjects in academics. Does it actually measure academic skills and learning progress? Is there a better, more definitive way to measure those skills? Is standardized testing punishing hard workers and high achievers who also happen to be anxiety-ridden or bad test-takers?

In an interview with CMRubinWorld, video gaming industry veteran and founder of Breakaway Games Doug Whatley said the next step for these pesky measuring sticks is in the video game world.

“We already have simulation games that are capable of being used as a standardized test, so I think there is real promise for many types of tests to be replaced by games,” Whatley said, adding that games are often better, more secure and more affordable tests.

Whatley also predicted that free-to-play games and large market games would close the gap between the two.

“Mobile apps will get bigger and AAA games will get smaller using multiple season type distribution,” he said.

Whatley used that premise to make five more predictions. First, he said video games will cover a wider variety of content. Next, he said phones will become more powerful, thus driving more gamers to mobile devices as a gaming platform. Third, he expects to see games use new media platforms like Zoom and Google Classroom. Fourth, he expects to see more distribution in rolled out packages, like the already popular DLC model, and finally, he anticipates student-created content to be judged and used by peers.

The pandemic has forced education to adapt on its feet, and it appears technology and video games will be beneficiaries of its modern adjustments and pivots.

It Is Time to Rethink the Services You Use

People everywhere are rethinking how they consume entertainment and utilities in their homes. With the variety of services now available to homeowners, it is important to know what the options are. Many companies are producing new products that provide solutions beyond traditional services. Today you can find more personalized and cost-effective solutions as a consumer than ever before.

Utilities

The renewable energy options available for residences are changing the way people think about their energy consumption. Traditional means of providing energy to a home by gas or electricity companies are no longer the only cost-effective energy solutions. Renewable energy resources such as solar panels are readily available for residences. These can help support or sustain a home’s energy usage. Residential internet options are now more varied than they have ever been. Companies like Starry are providing next-gen home internet services in Los Angeles and other major cities. Consumers using these newer services are finding that high quality does not require high cost.

Entertainment

In-home entertainment is much more than the typical cable or satellite television. There are a variety of streaming services that offer many entertainment options. Today’s consumers are mixing and matching services to get exactly what they want while still saving money. Television isn’t the only form of entertainment with a variety of ways to consume. There are services to rent and stream movies, video games, and even local TV. With so many options on the market, you can customize what you have available in your home and ensure you always get to see and do what you want.

Security

A professional home security system and monitoring may be the best way to protect your home, but the options available for homeowners are more varied than ever. Smart home products such as doorbells with cameras, smart door locks and garage door openers are changing the home security game. These can often be monitored by the homeowner or combined with professional monitoring services for a more comprehensive solution. Assess your security needs and find the most cost-effective solution with the help of Locksmith Salem to keep your home protected.

Advances in technology and services that are readily available are helping homeowners make better choices about how they spend their money and what they choose to consume. People are finding personalized solutions for their homes that are benefiting their wallets as well as the environment. Take the time to look into the variety of services available and find your new favorite.